Re: Best way to do multiple NAT statements on ASA
In the message <firstname.lastname@example.org. com>
Andrew Hodgson wrote:
| I have 3 DMZs and an inside network.
| Inside network is 192.168.1.0/24, DMZ1 is 192.168.2.0/24, DMZ2 is
| 3.0/24, and DMZ 3 is 4.0/24.
| I want all networks to be able to talk to each other without NAT
| (there will be ACLs however).
| Currently I have NAT statements like this:
| However, what is the most efficient way to get all the DMZs talking to
| each other without NAT? Do I have to use commands like:
| Is there a more efficient or secure way?
You can disable the nat control feature.
The command is: no nat-control
After this you don't need to have nat statements for traffic that goes
from one interface to another.
to make DMZ1 connect to DMZ2 without NAT this is the command and u repeat the setrp for all dmz
static (dmz1,dmz2) 192.168.2.0 192.168.2.0 netmask 255.255.255.0
Notice : that mean DMZ1 conenct to DMZ2 by its IP address 192.168.2.0
|All times are GMT. The time now is 06:52 PM.|
Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.